Difference between revisions of "Linux Kerberos"
Jump to navigation
Jump to search
Line 1: | Line 1: | ||
= Install = | = Install Kerberos Linux Client = | ||
In order to authenticate to a Kerberos Realm, the krb5-user and libpam-krb5 packages are needed, along with a few others that are not strictly necessary but make life easier. To install the packages enter the following in a terminal prompt: | In order to authenticate to a Kerberos Realm, the krb5-user and libpam-krb5 packages are needed, along with a few others that are not strictly necessary but make life easier. To install the packages enter the following in a terminal prompt: | ||
<source lang=bash> | <source lang=bash> |
Latest revision as of 01:41, 18 June 2019
Install Kerberos Linux Client
In order to authenticate to a Kerberos Realm, the krb5-user and libpam-krb5 packages are needed, along with a few others that are not strictly necessary but make life easier. To install the packages enter the following in a terminal prompt:
sudo apt install krb5-user libpam-krb5 libpam-ccreds auth-client-config
Operations
Obtain a ticket
$ kinit user1@DOMAIN.LOCAL
Use keytab file
This creates secure a file containing credentials. Default keytab file is /etc/krb5.keytab
$ ktutil ktutil: addent -password -p user1@DOMAIN.LOCAL -k 1 -e aes256-cts Password for user1@DOMAIN.LOCAL: ********* ktutil: wkt user1.keytab ktutil: quit
List credentials
$ klist -k user1.keytab Keytab name: FILE:ppawl.keytab KVNO Principal ---- -------------------------------------------------------------------------- 1 user1@DOMAIN.LOCAL
Obtain a ticket
kinit ppawl@TPPLC.LOCAL -k -t ~/.ssh/user1.keytab
Destroy any current kerberos tickets
$ kdestroy
Resources
- Kerberos Ubuntu